I am a an security professional in the financial institution space and am interested in the CPTS. In my work I am involved in risk assessments and also alot of penetration testing including web app vulnerability scanning. I looking to take the course by Mile2 to get more structured exposer to alot of the tools especially the main ones like NMAP,Nesses, password crackers etc. . I have heard some differnt things such as the CPTS focus a lot on the manual exploit techniques such as creating your own scripts inPERL or soemthing like that. In my position most of our projects don't allow a ton of time to work on these more time consuming manual procedures and we have to rely mostly on scanning tools and analysis the output. Does the CPTS fit this type of purpose well? Does the course even go into analysis of the otput at all? Or is it primarily jsut show you how to install ,configure and run multiple tools? I have also looked at the SANS GIAC couses like the Certified networkand system auditor course or the GCIH. GCIH has alot of info but I haven't heard too much on the GSNA.

if you have the budget, you're better off with a SANS course over CEH or CPTS especially since it looks like you are doing more compliance scanning than real penetration testing the GCIH is a good place to start.

'The world does not need any more "ethical hackers". What is needed is more people who know the six steps for properly handling an incident' - Ed Skoudis

-Chris

Last edited by LSOChris on Wed Dec 26, 2007 10:16 pm, edited 1 time in total.

Thnaks for the info Chris and I not sure where the scanning that we do falls as far as being compliance scanning or real pen testing. All I know is my firm sells this service as pen testing though it is generally related to a larger project scope such as annual compliance etc. Also, a good protion of it is application vulnerability testing but in any case I am going to take the GCIH course. I forgot to mention that for me taking the exam and getting the actual certification is secondary to the course and the knowledge learned from the course and it's material. So for example I doubt I would ever really care to take the CPTS exam though I would probably take SANS CERT test just ecause they are well respected.

hi to all,Am interesting on penetration test specialist,but I cant afford the training costs.and its real my desire to know this interesting course i ever seen.I did cisco CCNA,CCDA,CCNP and pix firewall advanced four year backand i didnt practice to my office becouse they dont have much complex networking.but they focus to pen tester.And i feel like I can fit to this rather than finding someone else from outside the company.

so anybody who will be able to support me with all tools,technics and related materials,I will appriciate.

I would strongly recommend the GCIH exam and class structure over the CEH. With limited study you can complete the CEH after the GCIH class you couldn't pass the GCIH after a CEH. At least not with limited effort.